Keystroke Capture Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

Keystroke Capture Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey

CVE-2011-3663 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.

Learn more about our Web App Pen Testing.